In the prior art, programming a vehicle's electronic control unit (ECU) requires that the vehicle be present at an authorized location (e.g., a manufacturing or assembly facility, a dealership, or an authorized repair facility) and directly hardwired to a programming tool. Recently, remote wireless programming of ECUs has been introduced, which allows for greater programming flexibility. With this change, security has shifted from physical mechanism& to password and cryptographic authentication mechanisms for controlling access. Unfortunately, the security afforded by password and cryptographic access-control mechanisms does not provide a sufficiently high level of assurance against malicious attacks, such as, for example, the communication of viruses or other harmful or undesired programs to ECUs.
It will be appreciated that this concern extends to both providing input to ECUs or other vehicular devices as well as eliciting output from such devices. Thus, for example, toll booths or parking garages might be adapted to wirelessly query vehicles for identification or even for payment information but, as mentioned, password and cryptographic mechanisms do not afford sufficient security against the illicit collection of such information.
It will also be appreciated that this concern extends to a variety of other programmable or otherwise accessible mobile devices including, for example, mobile telephones and mobile computing devices.
Thus, an improved access-control mechanism is needed to more effectively control access to vehicular or other mobile devices.